Everything you wanted to know about SQL injection (but were afraid to ask) - wiky apps

Software Development, Games Development, Mobile Development, iOS Development, Android Development, Window Phone Development. Dot Net, Window Services,WCF Services, Web Services, MVC, MySQL, SQL Server and Oracle Tutorials, Articles and their Resources

Tuesday, July 30, 2013

Everything you wanted to know about SQL injection (but were afraid to ask)

Put on your black hats folks, it's time to learn some genuinely interesting things about SQL injection. Now remember – y'all play nice with the bits and pieces you're about to read, ok? SQL injection is a particularly interesting risk for a few different reasons: It's getting increasingly harder to write vulnerable code due to frameworks that automatically parameterise inputs – yet we still write bad code. You're not necessarily in the clear just because you use stored procedures or a shiny ORM (you're aware that SQLi can still get through these, right?) – we still build vulnerable apps around these mitigations. It's easily detected remotely by automated tools which can be orchestrated to crawl the web searching for vulnerable sites – yet we're still putting them out there.


I guess you came to this post by searching similar kind of issues in any of the search engine and hope that this resolved your problem. If you find this tips useful, just drop a line below and share the link to others and who knows they might find it useful too.

Stay tuned to my blogtwitter or facebook to read more articles, tutorials, news, tips & tricks on various technology fields. Also Subscribe to our Newsletter with your Email ID to keep you updated on latest posts. We will send newsletter to your registered email address. We will not share your email address to anybody as we respect privacy.


This article is related to

C#,.NET,Architect,Intermediate,VS2010,.Net,Articles,Computer Tutorials,SQL injection

No comments:

Post a Comment